If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

i came up with a way to track the laptop that my work, and wanted to bounce some ideas around.

we know that the person that stole the laptop probably doesn't live farther than a 5 mile radius from were my friends house is

what i was thinking is driving around the area with kismet fired-up to try to see if the laptop is in and connected to and AP's.

I was wondering if there would be a way to get kismet to alert me if a specific mac address pops up?

any ideas would be appreciated.

...and then what if you find it? I doubt that the police would be able to get a search warrant based upon a kismet log and your assumption that you know it's in a particular house.

Of course, you could always go knocking on doors and asking if they stole your friends laptop, but before you do, I'd suggest you have all your affairs in order.

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

i came up with a way to track the laptop that my work, and wanted to bounce some ideas around.

we know that the person that stole the laptop probably doesn't live farther than a 5 mile radius from were my friends house is

what i was thinking is driving around the area with kismet fired-up to try to see if the laptop is in and connected to and AP's.

I was wondering if there would be a way to get kismet to alert me if a specific mac address pops up?

any ideas would be appreciated.

Nope........ Though you could manually search the logs later.

Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

Couldn't you write a script that would occasionally grep the log file for a certain mac address and if it finds it, sound a bong or something? Have Crontab run it.

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

dont worry, when the mac pops up me and a few friends will do a lil stake out. my friend got a look at the thief

A stake out is fine. But please do not attempt to intervene without police help. Try to gather all the evidence that you can and then go to the police station with your evidence and sit down and talk with them. Be calm, polite and respectful and I'm sure that they'll help you out. Trust me, I've had lots of dealings with LEO's over the years, and they appreciate it if you do as much as you can to help them make their case.

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

An intuitive and simple-to-use web interface allows users to remotely manage and even 'brick/unbrick' their notebooks. Through interoperability with the Ericsson's F3507g Modules, Phoenix FailSafe enables these policies even when the notebooks are on a cellular network, ensuring that among other features, the GPS location capabilities and data are sent to the IT department's web-based security center.

You might also want to remember that since it is your laptop, any information that is entered into it is yours too. If you do manage to find it you already know what services are installed and its update status you might be able to get inside. Once in, put in a keylogger/vnc or whatever suits your fancy.

If it is a newer laptop with a built in webcam/mic, well you just got yourself a fly on the wall so to speak. This is great if they keep the laptop, if on the other hand you are worried about them trying to pawn it you should probably get the police involved immediately.

Its a little like an idea I heard for a pen test of a corperation. Get an inexpensive laptop with a webcam/mic built in and preconfigured keyloggers and backdoors installed already, then send it in to the company as a "free gift" for being such a loyal Dell customer or something like that. Or perhaps as a trial device from corporate HQ to see what employees thought of upgrading laptops. Its almost guaranteed that someone will log into the network eventually.

No one thinks about physical Trojans anymore, even though they have been around for 3000 years.

Morpheus: "You take the blue pill - the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill - you stay in Wonderland and I show you how deep the rabbit-hole goes."

7eleven: You CAN have kismet alert you to a specific MAC address. In the kismet.conf file, look for the "filter_tracker" line, uncomment it and set it so that you are filtering for ONLY your MAC address of interest. For example, if your stolen latop's wireless MAC is de:ad:be:ef:ca:fe, you would set the filter_tracker as follows:

filter_tracker=SOURCE(de:ad:be:ef:ca:fe) (you could also use DEST, but not ANY)

That will filter out all data EXCEPT 'SOURCE' packets from that specific MAC address.
Also, make sure you set sound=true (I'm not positive if kismet will beep when finding it since I don't use a sound card), but it will be the only hit on your kismet screen.